Plex, an American streaming service, has asked its customers to change their passwords after a third-party data breach which allowed unauthorized access to user's emails, usernames, and encrypted passwords.
sent an email to its users, explaining the situation and asking them to update passwords as quickly as possible.
Plex stated that no credit card or other payment data were stolen in the breach, since these data are not stored on Plex's servers and therefore not subject to this attack.
Your account is unaffected if you use a single sign on (SSO) option on plex, such as Google, Facebook or Apple. But email address may have been compromised.
Plex is ecouraging users to authincate their accounts and to enable 2FA (two-factor authentication) to protect your account from unauthorized logins.
According to the corporation, the passwords were cryptographically scrambled which is one of the best and most secure password-protection algorithms and makes cracking more difficult.
In early 2021, Plex was in news as it was discovered that DDoS-for-hire services were leveraging some security flaws in Plex Media Server systems as a UDP reflection/amplification vector in DDoS attacks.